What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
ProofPoint.webp 2024-02-09 06:00:24 Offensive and Defensive: Build Security Awareness with Two Powerful Learning Approaches
(direct link)
“Offensive” security awareness and “defensive” security awareness are two learning approaches that you can use to build a robust security culture in your company. They involve applying different strategies to educate your employees about threats and how they can respond to them safely.
You may have heard the terms “offensive cybersecurity” and “defensive cybersecurity.” You use defensive tools and techniques to strengthen security vulnerabilities. And with offensive tools and techniques, you focus on identifying those vulnerabilities before attackers find them first.
How do defensive and offensive approaches apply to security awareness? Here's a quick overview:
With a defensive approach, users learn the fundamentals of security.
With an offensive approach, users learn how to protect themselves and the business against future threats.
Let's use a sports analogy here. You can actively learn to be a defensive goalie and block threats. Then, you can take your skills up a level and learn to score points with protective techniques.
With Proofpoint Security Awareness, our industry-leading threat intelligence informs both approaches. We help people learn how to defend against current threats. And we give them the tools for taking offensive action against future threats.
[Video: Live-action series about Insider Threats.]
Defensive security awareness: set the foundation
We all have to start with the basics, right? With defensive security awareness, you teach people the fundamentals of security and set the stage for safe behavior. This training is often reactive. It enables people to respond to immediate threats and incidents as they arise.
At Proofpoint, we believe in using behavioral science methodologies, like adaptive learning and contextual nudges. We combine this with a threat-driven approach, weaving trend analysis and insights about recent security breaches into our training.
A personalized adaptive framework
The adaptive learning framework is a personalized defensive approach to training. It recognizes that everyone learns differently; it is the opposite of a one-size-fits-all approach. You can teach security fundamentals in a way that is meaningful for each person based on what they know, what they might do and what they believe.
This framework lets you drive behavior change with education that is tailored to each person's needs. That can include their professional role, industry, content style and native language. The learner can engage with a wide variety of styles and materials. And each training is tied to a specific learning objective.
Adaptive learning recognizes that people learn best in short bursts that are spread over time. Our microlearning video modules are under three minutes, and our nano-learning videos are under one minute. These formats give people the flexibility to learn at their own pace.
For instance, our “You're Now a Little Wiser” nano series offers bite-size training on topics such as data protection to help users learn about specific threats.
[Figure: Screenshots from a one-minute nano-learning video.]
Contextual nudges and positive reinforcement
Training is essential if you want to build a robust security culture. But it is not enough to change behavior fully. Here is where contextual nudges play a vital role in helping to reinforce positive behavior habits once they are formed. These deliberate interventions are designed to shape how people behave.
Nudges are rooted in a deep understanding of human behavior. They can move people toward making better decisions, often without them realizing it. They are gentle reminders that can guide people toward creating optimal outcomes. That, in turn, helps to foster a defensive security-conscious culture in your company.
It is important to find the respectful balance of nudging people toward secure behaviors without being too intrusive or complex.
For example, when a user fails a phishing simulation exercise, Proofpoint Security Awareness offers “Tea
Ransomware Malware Tool Vulnerability Threat Prediction ★★★
News.webp 2024-02-09 02:57:07 Uncle Sam sweetens the pot with $15M bounty on Hive ransomware gang members
(direct link)
Honor among thieves about to be put to the test
The US government has placed an extra $5 million bounty on Hive ransomware gang members – its second such reward in a year. And it also comes a little over 11 months since the FBI said it had shut down the criminal organization's network.…
Ransomware ★★
RecordedFuture.webp 2024-02-08 19:27:28 US offers $10 million reward for info on Hive ransomware gang members
(direct link)
The U.S. State Department announced a $10 million reward for information leading to the identification or location of key members of the Hive ransomware gang. The gang's operations were disrupted by the FBI almost exactly one year ago, shutting the ransomware group's infrastructure after a seven-month operation. On Thursday, the State Department said that in
Ransomware ★★
RecordedFuture.webp 2024-02-08 18:55:39 California union confirms ransomware attack following LockBit claims
(direct link)
One of the largest unions in California confirmed this week that it is dealing with network disruptions due to a cyber incident following claims of an attack last month by a notorious ransomware gang. Service Employees International Union (SEIU) Local 1000 represents nearly 100,000 state employees in California across more than 2,000 worksites in the
Ransomware ★★
bleepingcomputer.webp 2024-02-08 15:16:15 Hyundai Motor Europe hit by Black Basta ransomware attack
(direct link)
Car maker Hyundai Motor Europe suffered a Black Basta ransomware attack, with the threat actors claiming to have stolen three terabytes of corporate data. [...]
Ransomware Threat ★★★
globalsecuritymag.webp 2024-02-08 13:36:38 Acronis: Alarming rise in cyberattacks, with SMBs and MSPs in the crosshairs
(direct link)
Alarming rise in cyberattacks, with SMBs and MSPs in the crosshairs, according to Acronis. Phishing and AI make a toxic pair. 5 ransomware gangs accounted for the majority of reported victims: LockBit, CL0P, BlackCat/ALPHV, Play and 8Base - Malware
Ransomware ★★★
RecordedFuture.webp 2024-02-08 13:14:12 Funerals reportedly canceled due to ransomware attack on Austrian town
(direct link)
The municipality of Korneuburg in Austria said it was hit by a ransomware attack, leading to funerals reportedly being canceled and the town hall informing residents its staff can only be reached via telephone. The small town on the banks of the Danube a few kilometers north of Vienna has a population of under 13,000
Ransomware ★★
knowbe4.webp 2024-02-08 13:00:00 Unprecedented Rise of Malvertising as a Precursor to Ransomware
(direct link)
Ransomware Malware ★★
AlienVault.webp 2024-02-08 11:00:00 Do you still need antivirus protection for Windows in 2024?
(direct link)
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article.
The question of whether you need antivirus (AV) for Windows devices is always up for debate. The advancements and new technology have made the operating system (OS) more secure and reliable. Nevertheless, the effectiveness and lethality of cyber threats have increased as well. And every year, millions of Windows users fall victim to various digital perils. This article will discuss whether antivirus software is needed for Windows devices. You’ll discover how AVs work and the most common cyberattacks they can prevent. Moreover, we’ll review the benefits and drawbacks of built-in and third-party antivirus software.
How does antivirus work?
Scanning, removing, preventing – these are the 3 main stages of how an antivirus works. Once you install an AV, it scans every email, app, and file. During this process, it compares the results with its database. If something is off, the antivirus marks it as malware. Then, the AV either quarantines the malicious files or entirely obliterates them. And while all that is happening, a reliable antivirus runs smoothly in the background, preventing intruders from harming your devices and stealing your data. According to Datto’s global research, Windows device users should be the most concerned about their safety. Around 91% of gadgets that use this OS have been targeted by ransomware attacks. Nevertheless, none of the OS are entirely immune to various online perils. Whether using a Mac, Windows, or Android device, it’s better to be safe than sorry and use an AV. That way, you won’t put yourself, your devices, or your precious data at risk.
What threats can a Windows antivirus prevent?
As we briefly mentioned, a reliable antivirus can protect your device from online dangers. There are a few most common ones. Below, you’ll find them and what threat they pose:
Viruses: These malicious programs multiply and spread from one computer to another. Viruses can attach themselves to programs and files, damage the system, and let other malware in.
Ransomware Malware Threat Mobile ★★★
globalsecuritymag.webp 2024-02-07 15:56:14 Ransomware Cryptocurrency Payments in 2023 Hit All-Time-High of US$1.1 Billion
(direct link)
Ransomware Cryptocurrency Payments in 2023 Hit All-Time-High of US$1.1 Billion. After a significant decline in 2022, the 94% increase last year demonstrates that ransomware is a threat that is only set to worsen. - Special Reports
Ransomware Threat ★★
globalsecuritymag.webp 2024-02-07 15:46:58 Ransomware payments in cryptocurrency reached a record level of $1.1 billion in 2023
(direct link)
Ransomware payments in cryptocurrency reached a record level of $1.1 billion in 2023. Despite a significant drop in 2022, the 94% rise in 2023 shows that the ransomware threat is likely to grow - Investigations
Ransomware ★★★
MitnickSecurity.webp 2024-02-07 14:32:19 Ransomware Attacks: Trends and Most Targeted Industries
(direct link)
Ransomware ★★
globalsecuritymag.webp 2024-02-07 14:17:45 Safer Internet Day 2024: Do not underestimate the dangers of AI
(direct link)
On the occasion of another Safer Internet Day, it is essential that the general public think more about the developing landscape of cybersecurity threats, including the emerging role of AI. This should be your commitment to a more secure digital space. The past year has shown how sophisticated and frequent cyberattacks have become, targeting not only large companies but also private individuals. The rise in ransomware, phishing fraud, disinformation campaigns and AI-driven threats shows that there is an urgent need for robust cybersecurity. - Special Reports
Ransomware ★★
RecordedFuture.webp 2024-02-07 14:10:02 Ransomware payments doubled to more than $1 billion in 2023
(direct link)
Companies, individuals and other victims of ransomware attacks paid hackers more than $1.1 billion in 2023 in exchange for unlocking their data, according to new research. Chainalysis - a blockchain research firm that analyzes transactions made by ransomware gangs, affiliates and other cybercriminals - released a report this morning finding that ransom payments broke records
Ransomware ★★★
WiredThreatLevel.webp 2024-02-07 14:00:00 Ransomware Payments Hit a Record $1.1 Billion in 2023
(direct link)
After a slowdown in payments to ransomware gangs in 2022, last year saw total ransom payouts jump to their highest level yet, according to a new report from crypto-tracing firm Chainalysis.
Ransomware ★★
InfoSecurityMag.webp 2024-02-07 14:00:00 Ransomware Payments Hit $1bn All-Time High Last Year
(direct link)
Chainalysis monitoring of blockchain transactions reveals ransomware payments hit a record $1bn in 2023
Ransomware ★★
zataz.webp 2024-02-07 12:56:59 Ransomware: a cyberattack that cost 27 million euros
(direct link)
In September 2023, Johnson Controls International suffered a ransomware attack of considerable scale, carried out by the Dark Angels group, resulting in the theft of 27 terabytes of valuable data. The company has still not recovered!...
Ransomware ★★
ComputerWeekly.webp 2024-02-07 09:42:00 South Staffs Water faces group action over Clop ransomware attack
(direct link)
Ransomware ★★
Blog.webp 2024-02-07 01:43:06 Data Leak Detected by AhnLab EDR (vs. Ransomware Threat Actors)
(direct link)
Ransomware threat actors have been extorting money after taking control over organizations’ internal networks, distributing ransomware, encrypting systems, and holding system restoration for ransom. Recently, however, threat actors not only encrypt the systems but also leak internal data and threaten to expose it publicly if the ransom is not paid. Usually, these threat actors collect data, compress it, and leak it publicly. In such processes, threat actors utilize many legitimate utility programs. These programs already allow stable transfer of large-sized...
Ransomware Threat ★★
News.webp 2024-02-06 15:45:10 EquiLend back in the saddle as ransom payment rumors swirl
(direct link)
Still no word on how the intruders broke in or the full extent of any possible data compromise
Global securities finance tech company EquiLend's systems are now back online after announcing a disruptive ransomware attack nearly two weeks ago.…
Ransomware ★★★
SocRadar.webp 2024-02-06 11:50:22 Impact of CL0P Ransomware on the Cyber Threat Landscape in 2023: An Analysis of Cyber Tactics and Threat Evolution Over the Year
(direct link)
In the intricate web of cybersecurity threats, the CL0P ransomware group carved out a reputation...
Ransomware Threat ★★★
ProofPoint.webp 2024-02-06 05:00:20 How Do Cybercriminals Escalate Privilege and Move Laterally?
(direct link)
If you want to understand how cybercriminals cause business-impacting security breaches, the attack chain is a great place to start. The eight steps of this chain generalize how a breach progresses from start to finish. The most impactful breaches typically follow this pattern:
[Figure: Steps in the attack chain.]
In this blog post, we will simplify the eight steps of an attack into three stages: the beginning, middle and end. Our focus here will primarily be on the middle stage (info gathering, privilege escalation and lateral movement), which is often the most challenging part of the attack chain to see and understand.
The middle steps are often unfamiliar territory, except for the most highly specialized security practitioners. This lack of familiarity has contributed to significant underinvestment in security controls required to address attacks at this stage.
But before we delve into our discussion of the middle, let's address the easiest stages to understand: the beginning and the end.
The beginning of the attack chain
A cyberattack has to start somewhere. At this stage, a cybercriminal gains an initial foothold into a target's IT environment. How do they do this? Mainly through phishing. A variety of tactics are used here including:
Stealing a valid user's login credentials
Luring a user into installing malicious software, such as Remote Access Trojans (RATs)
Calling the company's help desk to socially engineer the help desk into granting the attacker control over a user's account
Much ink has been spilled about these initial compromise techniques. This is why, in part, the level of awareness and understanding by security and non-security people of this first stage is so high. It is fair to say that most people (IT, security and everyday users) have personally experienced attempts at initial compromise. Who hasn't received a phishing email?
A great deal of investment goes into security tools and user training to stop the initial compromise.
Think of all the security technologies that exist for that purpose. The list is very long.
The end of the attack chain
Similarly, the level of awareness and understanding is also very high around what happens at the end of the attack chain. As a result, many security controls and best practices have also been focused here.
Everyone (IT, security and even everyday users) understands the negative impacts of data exfiltration or business systems getting encrypted by ransomware attackers. Stories of stolen data and ransomed systems are in the news almost daily.
Now, what about the middle?
The middle is where an attacker attempts to move from the initially compromised account(s) or system(s) to more critical business systems where the data that's worth exfiltrating or ransoming is stored.
To most people, other than red teamers, pen testers and cybercriminals, the middle of the attack chain is abstract and unfamiliar. After all, regular users don't attempt to escalate their privileges and move laterally on their enterprise network!
These three stages make up the middle of the attack chain:
Information gathering. This includes network scanning and enumeration.
Privilege escalation. During this step, attackers go after identities that have successively higher IT system privileges. Or they escalate the privilege of the account that they currently control.
Lateral movement. Here, they hop from one host to another on the way to the “crown jewel” IT systems.
[Figure: Steps in the middle of the attack chain.]
Relatively few IT or security folks have experience with or a deep understanding of the middle of the attack chain. There are several good reasons for this:
Most security professionals are neither red teamers, pen testers, nor cybercriminals.
The middle stages are “quiet,” unlike initial compromise-focused phishing attacks or successful ransomware attacks, which are very “loud” by comparison.
Unlike the front and back end of the attack chain, there has been little coverage about how these steps
Ransomware Malware Tool Vulnerability Threat ★★★
DarkReading.webp 2024-02-05 16:25:55 Teens Committing Scary Cybercrimes: What's Behind the Trend?
(direct link)
Crypto theft, sextortion tactics, swattings, and ransomware: teenagers are increasingly taking up cybercrime for fun and profit - and experts credit an array of contributing factors.
Ransomware ★★★
globalsecuritymag.webp 2024-02-05 14:01:52 Blackfog January State of Ransomware Report
(direct link)
Blackfog January State of Ransomware Report Darren Williams, CEO and Founder, BlackFog, has offered perspectives on the last month of ransomware attacks, below - Special Reports
Ransomware ★★
ProofPoint.webp 2024-02-05 11:41:18 7 Tips to Develop a Proactive Approach to Prevent Data Theft
(direct link)
Data is one of the most valuable assets for a modern enterprise. So, of course, it is a target for theft. Data theft is the unauthorized acquisition, copying or exfiltration of sensitive information that is typically stored in a digital format. To get it, bad actors either abuse privileges they already have or use various other means to gain access to computer systems, networks or digital storage devices. The data can range from user credentials to personal financial records and intellectual property.
Companies of all sizes are targets of data theft. In September 2023, the personal data of 2,214 employees of the multinational confectionery firm The Hershey Company was stolen after a phishing attack. And in January 2024, the accounting firm of Framework Computer fell victim to an attack. A threat actor posed as the Framework's CEO and convinced the target to share a spreadsheet with the company's customer data.
Data thieves aim to profit financially, disrupt business activities or do both by stealing high-value information. The fallout from a data breach can be very costly for a business, and the cost is going up. IBM reports that the global average cost of a data breach in 2023 was $4.45 million, a 15% increase over three years. Other data suggests that the average cost of a breach is more than double for U.S. businesses: nearly $9.5 million.
Not all data breaches involve data theft, but stealing data is a top aim for many attackers. Even ransomware gangs have been shifting away from data encryption in their attacks, opting instead to steal massive amounts of data and use its value as a means to compel businesses to pay ransom.
So, what can businesses do to prevent data theft? Taking a proactive approach toward stopping someone from stealing your data is a must. This blog post can help jump-start your thinking about how to improve data security. We explore how data theft happens and describe some common threats that lead to it.
We also outline seven strategies that can help reduce your company's risk of exposure to data theft and highlight how Proofpoint can bolster your defenses.
Understanding data theft, and who commits it
Data theft is a serious security and privacy breach. Data thieves typically aim to steal information like:
Personally identifiable information (PII)
Financial records
Intellectual property (IP)
Trade secrets
Login credentials
Once they have it, bad actors can use stolen data for fraudulent activities or, in the case of credential theft, to gain unlawful access to accounts or systems. They can also sell high-value data on the dark web.
The consequences of data theft for businesses can be significant, if not devastating. They include hefty compliance penalties, reputational damage, and financial and operational losses. Take the manufacturing industry as an example. According to one source, a staggering 478 companies in this industry have experienced a ransomware attack in the past five years. The costs in associated downtime are approximately $46.2 billion.
To prevent data theft, it's important to recognize that bad actors from the outside aren't the only threat. Insiders, like malicious employees, contractors and vendors, can also steal data from secured file servers, database servers, cloud applications and other sources. And if they have the right privileges, stealing that data can be a breeze.
An insider's goals for data theft may include fraud, the disclosure of trade secrets to a competitor for financial gain, or even corporate sabotage. As for how they can exfiltrate data, insiders can use various means, from removable media to personal email to physical printouts.
How does data theft happen?
Now, let's look at some common methods that attackers working from the outside might employ to breach a company's defenses and steal data.
Phishing. Cybercriminals use phishing to target users through email, text messages, phone calls and other forms of communication. The core objective of this approach is to trick users into doing what
Ransomware Data Breach Malware Tool Vulnerability Threat Cloud ★★★
TechWorm.webp 2024-02-03 22:16:33 AnyDesk Hacked, Says To Reset Passwords
(direct link)
AnyDesk, a German-based remote access software company, on Friday announced that its production systems were compromised in a security incident. For those unaware, AnyDesk is a remote access solution that has more than 170,000 customers, including Amedes, AutoForm Engineering, 7-Eleven, Comcast, LG Electronics, Samsung Electronics, Spidercam, and Thales. It allows users to remotely access computers over a network or the internet. The German company became aware of the accident upon noticing unusual activity on their product servers, prompting them to immediately conduct a security audit. Following the audit, AnyDesk immediately activated a remediation and response plan, developed in collaboration with cybersecurity firm CrowdStrike, and is working closely with them. It was also found that the cyberattack was not a ransomware attack. “We have revoked all security-related certifications and systems have been improved or replaced where necessary. We will shortly revoke the previous code signing certificate for our binaries and have already started replacing it with a new one,” the company said in a public statement on Friday. During the investigation, AnyDesk did not find any evidence of any private keys, tokens, or passwords being obtained that could be used to exploit to connect to end-user devices. However, as a precautio
Ransomware Threat ★★★
IndustrialCyber.webp 2024-02-03 17:06:19 Kaspersky predicts ransomware to remain top threat to industrial enterprises in 2024
(direct link)
Kaspersky identified that it does not expect rapid changes in the industrial cyber threat landscape this year in...
Ransomware Threat Studies Industrial ★★★
The_Hackers_News.webp 2024-02-03 09:25:00 AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset
(direct link)
Remote desktop software maker AnyDesk disclosed on Friday that it suffered a cyber attack that led to a compromise of its production systems. The German company said the incident, which it discovered following a security audit, is not a ransomware attack and that it has notified relevant authorities. "We have revoked all security-related certificates and systems have been remediated or replaced
Ransomware ★★★
RecordedFuture.webp 2024-02-02 21:49:20 Industry giants Clorox and Johnson Controls report financial losses from cyberattacks
(direct link)
Two quarterly earnings reports filed this week with the Securities and Exchange Commission illustrate the deep financial impact ransomware attacks and cyber incidents can have on a company's bottom line. On Thursday, cleaning product giant Clorox explained in its earnings report that over the last six months the company suffered from a 6% lower sales
Ransomware ★★★
The_Hackers_News.webp 2024-02-02 15:53:00 INTERPOL Arrests 31 in Global Operation, Identifies 1,900+ Ransomware-Linked IPs
(direct link)
An INTERPOL-led collaborative operation targeting phishing, banking malware, and ransomware attacks has led to the identification of 1,300 suspicious IP addresses and URLs. The law enforcement effort, codenamed Synergia, took place between September and November 2023 in an attempt to blunt the "growth, escalation and professionalization of transnational cybercrime." Involving 60 law
Ransomware Malware ★★
News.webp 2024-02-02 13:01:06 Interpol's latest cybercrime intervention dismantles ransomware, banking malware servers
(direct link)
Efforts part of internationally coordinated operations carried out in recent months. Interpol has arrested 31 people following a three-month operation to stamp out various types of cybercrime.…
Ransomware Malware ★★★
SecurityWeek.webp 2024-02-02 12:18:54 31 People Arrested in Global Cybercrime Crackdown
(direct link)
Law enforcement in 50 countries partner to take down ransomware, banking malware, and phishing threats.
Ransomware Malware Legislation ★★★
InfoSecurityMag.webp 2024-02-02 10:30:00 LockBit Reigns Supreme in Soaring Ransomware Landscape
(direct link)
The last quarter of 2023 saw an 80% year-on-year increase in ransomware victim claims, according to ReliaQuest
Ransomware ★★★
bleepingcomputer.webp 2024-02-02 07:56:28 Interpol operation Synergia takes down 1,300 servers used for cybercrime
(direct link)
An international law enforcement operation code-named 'Synergia' has taken down over 1,300 command and control servers used in ransomware, phishing, and malware campaigns. [...]
Ransomware Malware ★★★
ProofPoint.webp 2024-02-02 05:00:40 Break the Attack Chain: The Opening Gambit
(direct link)
The threat landscape has always evolved. But the pace of change over the last decade is unlike anything most security professionals have experienced before. Today's threats focus much less on our infrastructure and much more on our people.
But that's not all. Where once a cyberattack may have been a stand-alone event, these events are now almost always multistage. In fact, most modern threats follow the same playbook: initial compromise, lateral movement and impact.
While this approach has the potential to cause more damage, it also gives security teams more opportunities to spot and halt cyberattacks. By placing protections in key spots along the attack chain, we can thwart and frustrate would-be cybercriminals before their ultimate payoff.
This starts with understanding the opening gambit: How do threat actors attempt to gain access to your king - in this case, your networks and data? And what can be done to keep them at bay?
Understanding the playbook
The chess parallels continue when we look at recent evolutions in the threat landscape, with our defensive tactics provoking an adapted method of attack. We see this in full effect when it comes to multifactor authentication (MFA).
In recent years, security professionals have flocked to MFA to protect accounts and safeguard credentials. In response, threat actors have developed MFA bypass and spoofing methods to get around and weaponize these protections. So much so that MFA bypass can now be considered the norm when it comes to corporate credential phishing attacks. Increasingly, cybercriminals purchase off-the-shelf kits which enable them to use adversary-in-the-middle (AiTM) tactics to digitally eavesdrop and steal credentials.
We have also seen an increase in other human-activated methods, such as telephone-oriented attack delivery (TOAD). This method combines voice and email phishing techniques to trick victims into disclosing sensitive information such as login credentials or financial data.
Whatever the method, the desired outcome at this stage is the same. Cybercriminals seek to get inside your defenses so they can execute the next stage of their attack. That is what makes the opening gambit such a critical time in the lifecycle of a cyber threat.
Modern threat actors are experts at remaining undetected once they are inside our networks. They know how to hide in plain sight, move laterally and escalate privileges. So, if this stage of the attack is a success, organizations have a huge problem. The good news is that the more we understand the tactics that today's cybercriminals use, the more we can adapt our defenses to stop them in their tracks before they can inflict significant damage.
Countering the gambit
The best opportunity to stop cybercriminals is before and during the initial compromise. By mastering a counter to the opening gambit, we can keep malicious actors where they belong - outside our perimeter.
It will surprise no one that most threats start in the inbox. So, the more we can do to stop malicious messaging before it reaches our people, the better.
There is no silver bullet in this respect. Artificial intelligence (AI)-powered email security is as close as it gets. Proofpoint Email Protection is the only AI and machine learning-powered threat protection that disarms today's advanced attacks.
Proofpoint Email Protection uses trillions of data points to detect and block business email compromise (BEC), phishing, ransomware, supply chain threats and plenty more. It also correlates threat intelligence across email, cloud and network data to help you stay ahead of new and evolving threats that target your people.
However, the difficult reality is that nothing is entirely impenetrable. Today's security teams must assume some threats will reach the inbox. And your people need to be prepared when they do.
Equipping this vital line of defense requires total visibility into who is being attacked in your organization - and when, where and how. Once you have identified the people who ar
Ransomware Threat Cloud ★★★
DarkReading.webp 2024-02-01 21:58:00 Delinea Research Reveals that Ransomware Is Back on the Rise As Cybercriminals' Motivation Shifts to Data Exfiltration
(direct link)
Ransomware ★★★
RiskIQ.webp 2024-02-01 21:40:33 Trigona Ransomware Threat Actor Uses Mimic Ransomware
(direct link)
#### Description
AhnLab Security Intelligence Center (ASEC) has identified a new activity of the Trigona ransomware threat actor installing Mimic ransomware. The attack targets MS-SQL servers and exploits the Bulk Copy Program (BCP) utility in MS-SQL servers during the malware installation process. The attacker also attempted to use malware for port forwarding to establish an RDP connection to the infected system and control it remotely. The Trigona threat actor is known to use Mimikatz to steal account credentials. The threat actor installed AnyDesk to control the infected system. Administrators must use passwords that cannot be easily guessed and change them periodically to protect the database servers from brute force and dictionary attacks. V3 must also be updated to the latest version to block malware infection in advance. Administrators should also use security programs such as firewalls for database servers accessible from outside to restrict access by external threat actors.
#### Reference URL(s)
1. https://asec.ahnlab.com/en/61000/
#### Publication Date
January 29, 2024
#### Author(s)
Sanseo
Ransomware Malware Threat ★★★
bleepingcomputer.webp 2024-02-01 17:23:56 FTC orders Blackbaud to boost security after massive data breach
(direct link)
Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. [...]
Ransomware Data Breach ★★
InfoSecurityMag.webp 2024-02-01 16:45:00 US Agencies Failure to Oversee Ransomware Protections Threaten White House Goals
(direct link)
A GAO report found that federal agencies are not assessing whether critical infrastructure sectors are implementing NIST ransomware protection guidance
Ransomware ★★
InfoSecurityMag.webp 2024-02-01 16:00:00 Interpol-Led Initiative Targets 1300 Suspicious IPs
(direct link)
Global collaborative effort focused on combating the global rise of phishing, malware and ransomware
Ransomware Malware ★★★
News.webp 2024-02-01 14:25:38 LockBit shows no remorse for ransomware attack on children's hospital
(direct link)
It even had the gall to set the ransom demand at $800K … for a nonprofit. Ransomware gang LockBit is claiming responsibility for an attack on a Chicago children's hospital in an apparent deviation from its previous policy of not targeting nonprofits.…
Ransomware ★★★
globalsecuritymag.webp 2024-02-01 13:44:53 Ransomware and Cyber-extortion Trends in Q4 2023 ReliaQuest Threat Research Team
(direct link)
Ransomware and Cyber-extortion Trends in Q4 2023 ReliaQuest Threat Research Team - Malware Update
Ransomware Threat ★★★
SecurityWeek.webp 2024-02-01 11:39:15 Johnson Controls Ransomware Attack: Data Theft Confirmed, Cost Exceeds $27 Million
(direct link)
Johnson Controls confirms that the recent ransomware attack resulted in data theft and says expenses reached $27 million.
Ransomware ★★★
ProofPoint.webp 2024-02-01 06:00:12 The Human Firewall: Why Security Awareness Training Is an Effective Layer of Defense
(direct link)
Do security awareness programs lead to a quantifiable reduction in risk? Do they directly impact a company's security culture? In short, are these programs effective? The answer to these questions is a resounding yes! With 74% of all data breaches involving the human element, the importance of educating people to help prevent a breach cannot be understated.
However, for training to be effective, it needs to be frequent, ongoing and provided to everyone. Users should learn about:
How to identify and protect themselves from evolving cyberthreats
What best practices they can use to keep data safe
Why following security policies is important
In this blog post, we discuss the various ways that security awareness training can have a positive impact on your company. We also discuss how to make your program better and how to measure your success.
Security awareness training effectiveness
Let's look at three ways that security awareness training can help you boost your defenses.
1. Mitigate your risks
By teaching your team how to spot and handle threats, you can cut down on data breaches and security incidents. Our study on the effects of using Proofpoint Security Awareness showed that many companies saw up to a 40% decrease in the number of harmful links clicked by users.
Think about this: every click on a malicious link could lead to credential theft, a ransomware infection, or the exploitation of a zero-day vulnerability. So, an effective security awareness program essentially reduces security incidents by a similar amount. Want more evidence about how important it is? Just check out this study that shows security risks can be reduced by as much as 80%.
Here is more food for thought. If a malicious link does not directly result in a breach, it must still be investigated. The average time to identify a breach is 204 days. So, if you can reduce the number of incidents you need to investigate, you can see real savings in time and resources.
2. Comply with regulations
Security awareness education helps your company comply with data regulations, which are always changing. This can help you avoid hefty fines and damage to your reputation. In many cases, having a security awareness program can keep you compliant with several regulations. This includes U.S. state privacy laws, the European Union's GDPR and other industry regulations.
3. Cultivate a strong security culture
An effective security awareness program doesn't have to be all doom and gloom. Done right, it can help you foster a positive security culture. More than half of users (56%) believe that being recognized or rewarded would make their company's security awareness efforts more effective. But only 8% of users say that their company provides them with incentives to practice “good” cybersecurity behavior.
When you make security fun through games, contests, and reward and recognition programs, you can keep your employees engaged. You can also motivate them to feel personally responsible for security. That, in turn, can inspire them to be proactive about keeping your critical assets safe.
Finally, be sure to incorporate security principles into your company's core values. For example, your business leaders should regularly discuss the importance of security. That will help users to understand that everyone plays a vital role in keeping the business safe.
How to make your security awareness program effective
The verdict is clear. Security awareness programs can tangibly reduce organizational risks. When asked about the connection between their security awareness efforts and their company's cybersecurity resilience, a resounding 96% of security professionals say that there is more than just a strong link. They say that it's either a direct result of security training or that training is a strong contributor.
Let's discuss how you can make your program more effective.
Assess your security posture
The first step toward effectiveness is to assess your company's security posture
Ransomware Tool Vulnerability Threat Studies ★★★
DarkReading.webp 2024-01-31 23:32:00 Kasperskys ICS CERT Predictions for 2024: Ransomware Rampage, Cosmopolitical Hacktivism, and Beyond
(direct link)
Ransomware Studies Industrial ★★★★
CS.webp 2024-01-31 23:05:07 Pentagon investigating theft of sensitive files by ransomware group
(direct link)
The ransomware group ALPHV is threatening to leak data obtained from a Virginia IT services company that contracts with the U.S. military.
Ransomware ★★★
DarkReading.webp 2024-01-31 22:49:00 Ransomware Groups Gain Clout With False Attack Claims
(direct link)
Technica? Europcar? Cybercriminals are increasingly bluffing about ransomware attacks, and the cybersecurity community is helping by spreading their lies.
Ransomware ★★★
DarkReading.webp 2024-01-31 21:45:00 Johnson Controls Ransomware Cleanup Costs Top $27M and Counting
(direct link)
JCI's latest SEC filing notes that its smart-factory installations weren't compromised, allaying physical security fears.
Ransomware ★★★★
knowbe4.webp 2024-01-31 18:52:23 Ransomware Payments On The Decline As Cyber Attackers Focus on The Smallest, And Largest, Organizations
(direct link)
Ransomware Threat ★★★
RecordedFuture.webp 2024-01-31 14:21:50 December cyberattack on Chicago community hospital claimed by LockBit gang
(direct link)
A recently announced cyberattack on a large community hospital in Chicago was claimed by the LockBit ransomware gang. Saint Anthony Hospital on the city's west side acknowledged the incident in a statement on Monday and said the attack was first discovered on December 18. On Tuesday evening, the LockBit ransomware gang posted the hospital to
Ransomware ★★
Last update at: 2024-05-09 06:07:53